This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Yanick_DJINZOU
Contributor
‎2019-01-22 06:14 AM

DASHBOARD-SANDBLAST NETWORK & MOBILE

I am new comer with the Checkpoint solution and I worked on the Cisco solution and we had a POC for the Sandblast Network and the customer wants to make sure of certain points, so I allow myself to ask for your help given your experience feedback.
The client's infrastructure is local with 1300 Users and in his network they have a fortigate in front + fortimail. And
1-There is a way to integrate the SandBlast Mobile Dashboard in the same management console for Network and Endoint if the customer wants also the SandBlast Mobile.
2- This Fortigate and Check Point Appliance would work together.

Thanks for your answers

Yanick DJINZOU

2 Replies
Daniel_Taney
Advisor
‎2019-01-22 08:33 AM

As far as #1 goes, the Dashboard for SandBlast Mobile is not managed centrally with the SandBlast Network components. The Mobile component is managed via a WebUI with the management living in Check Point's Cloud. 

You can, however, manage the SandBlast Network components and Endpoint components under the same Management Application (SmartConsole). Depending on your implementation goals, it might be beneficial to separate those management roles to two different servers. But, I would recommend having that conversation with whoever is assisting you with the POC.

As far as #2, how do you plan on implementing the Check Point appliance? Would it be inserted as an extra L3 hop in between the Fortinet and your users? Or were you planning on using it in Bridge mode? Others can chime in, but I'd generally advise against using Bridge mode unless you have no other choice. There are a lot of restrictions & performance issues that can result from being in that mode.

Assuming the CP appliance is sitting as a routed hop in between the Fortinet and your internal network, the SandBlast Network components should work fine. In terms of integrating with FortiMail, you will want to enable MTA on the CP Appliance and insert the CP as another MTA hop before the mail gets handed off to your internal E-Mail servers. This will allow you to run full the full suite of SandBlast mail protections. 

I'm far from a FortiNet expert, so I am speaking in fairly generic terms here, but hope that helps answer some of your questions!

R80 CCSA / CCSE
Yanick_DJINZOU
Contributor
‎2019-01-22 09:06 AM
In response to Daniel_Taney

Thanks to you Daniel

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events